I started packaging redwood for CentOS 7 and was wondering about adding it to nethserver since it's has couple advantages over squid-cache (while it's a filtering service compared to a squid for caching).The source code of the server is public at:github.com

I'd like to change the behavior of the Transparent HTTPS proxy dropping the MITM (Man In The Middle) feature that inspects all the encrypted traffic, substituting it with a new implementation that sniffs only the beginning of the connection to discover the destination website (for filtering purposes).
Brief recap: now, when the Web proxy is set to Transparent with SSL, NethServer intercepts traffic on port 443 (HTTPS), connects to the secure web server impersonating the client and decrypts all…

@alefattorini and evrybody Sorry for the delayed response, I have some personal good things going.@robb Yes it means the ability to balance the load over multiple CPU's much efficiently.@flatspin see below but it(squid) has the same basic bottle necks.@giacomo For most systems it can replace squid in many scenarios and can do even better.

Compared to Squid-Cache RedWood is a filtering only proxy and not a caching one.Squid is based on design from the early 1980's and there for is more "low level" then other languages such as ERLANG or GOLANG(which redwood is built in).RedWood was tested on an environment of about 200Mbps and was found more resource friendly and also very efficient in couple other aspects.However it has couple bugs and most of them are due to some GoLang bugs which are expected to be resolved in the far future(Brad Fitz words..).It can be a squid parent proxy or a stand alone proxy.SquidGuard and UFDB are acting the same role but in other forms and still requires from squid to be the MITM and squid does it job pretty well.However squid doesn't support websockets at all and is quite complex to patch compared to RedWood.The version I released is a beta version and also due to the basic fact that there are some bugs in GoLang which are related to this and similar proxies.RedWood can be used as:- Forward proxy(defined in the browser)- Intercept proxy(On the Gateway)- SSL-BUMP (for either intercept or forward proxy)

Compared to Squid-Cache RedWood is a filtering only proxy and not a caching one.

This is the problem... I see RedWood as the same fonction as the Privoxy one.They are good, but without caching... So the only possibility for some who want to filter finely and a proxy cache is to chain the two proxies this way: LAN -> PROXY CACHE -> PROXY FILTER ( Privoxy or Redwood ) -> WAN

@giacomo Indeed the docs are a bit confusing compared to squid but everything is there.In my package there is a script that initialize the ssl-bump function with an exception\bypass option. There are things in squid that do not work as they are supposed to be so it's not about "peek and splice" only but the over whole.If you need to bypass the proxy it's there and you just need to learn what is there for you and choose if it fits your environment or not.There is nothing about maturity in RedWood, it's a "perfect" product but since it's based on GoLang and not C or C++ it has another nature.

@alefattorini I have some experience with RPM packaging (packing squid-cache and other) but NethServer is a new thing for me.if my wife will allow me to devote more time to the subject I will gladly do so but for now I my hands a re a bit full\busy.So it will wait for me and if others are willing to help I am here to answer what I can.